Skip to main content

添加域、授权证书的域和使用 HTTP 实用演示作为验证方法

通过 HTTP 实用演示证明对域的控制权

Add a domain and demonstrate control over the domain by hosting a file containing a DigiCert-generated random value (provided for the domain in your CertCentral account) at a predetermined location on your website: http://{domain-name}/.well-known/pki-validation/fileauth.txt.

创建文件并放置到您的网站后,DigiCert 访问指定的 URL 以确认唯一随机值的存在。务必避免 常见错误:HTTP 实用演示 DCV 方法

重要

Only use the HTTP Practical Demonstration DCV methods to demonstrate control over fully qualified domain names (FQDNs) exactly as named. To learn more, visit Domain Validation Policy Changes.

Use one of the other supported DCV methods, such as email, DNS TXT, and CNAME, to prevalidate entire domains and subdomains.

在开始之前

When you add a domain to your account, you must assign the domain to an organization in your account. However, before assigning a domain to it, you must first add the organization to your account. See Add an organization to your CertCentral account.

Additionally, if you want the domain used for OV, EV, or Private TLS/SSL certificates, you must submit its organization for prevalidation and include those matching validation types. See Submit an organization for pre-validation.

第 1 步:添加和授权用于 TLS/SSL 证书的域

  1. 在您的 CertCentral 帐户的左侧主菜单中,转到证书 > 域

    In the left main menu, go to Certificates > Domain.

  2. 页面上,单击新域

  3. 新域 页面的 域详细信息下,输入以下域信息:

    • 域名

      输入证书要保护的域名。

    • 组织

      在下拉列表中,选择您要向其分配域的组织。

  4. 域控制验证 (DCV) 方法下,选择 HTTP 实用演示

  5. 完成后,单击提交验证

第 2 步:使用 HTTP 实用演示证明对域的控制权

  1. 创建 .txt 文件:

    1. 以该名称保存 .txt 文件:fileauth.txt

      1. Open a text editor (e.g., Notepad).

      2. In the Your unique verification token box, copy your token and paste the random value in text editor.

        The random value expires after 30 days.

      3. Save the .txt file under this name: fileauth.txt.

    2. Create the .well-known/pki-validation/ directory on your site.

      For Windows-based servers, the .well-known folder must be created via command line (mkdir .well-known).

  2. 将 fileauth.txt 文件放在站点的 .well-known/pki-validation 下。

    URL 应该看起来如下所示:

    http://[yourdomain]/.well-known/pki-validation/fileauth.txt

  3. 验证 HTTP 令牌

    1. 在您的 CertCentral 帐户的左侧主菜单中,转到证书 > 域

    2. 页面的域名列中,单击域链接。

    3. On the domain's details page, in the Domain control validation (DCV) method section under User actions select Check HTTP Token.

本节内容如下: